Socially Engineered Threats

Socially engineered threats has been very active and in-the-wild for the past 48hours. Following the Eurosoft, Canadian Pharmacy and Porn sites spams, the internet viral activity is also observed spreading in Facebook.

The spammed URL redirects users to a Facebook looking website, where a malware is served. Although, Mac users are not directly targeted at the moment, it is important to be cautious especially ‘Boonana’ is known being spread via Facebook.

As observed, the viral activity seems to trigger the following:

Koobface known for spreading in social networks such as Facebook.

Sasfis/Oficla known as a spambot, spreading through email

Slenfbot and/or Rimecud for spreading in instant messengers

Along these malware families are the notable active threats such as TDSS, Zeus, Spyeye and FakeAVs.